Lucene search
Veracode Vulnerability DatabaseVERACODE:13167HistoryJan 15, 2019 - 9:26 a.m.
SQL Injection
2019-01-1509:26:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.006 Low
EPSS
Percentile
77.9%
PostgreSQL is vulnerable to SQL injection. An attacker is able to inject and execute arbitrary SQL statements in pg_upgrade and pg_dump via a malicious trigger definition (`CREATE TRGGER … REFERENCING).
References
www.securityfocus.com/bid/105923
www.securitytracker.com/id/1042144
access.redhat.com/errata/RHSA-2018:3757
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16850
security.gentoo.org/glsa/201811-24
usn.ubuntu.com/3818-1/
www.postgresql.org/about/news/1905/
Related
ubuntu
ubuntu
PostgreSQL vulnerability
2018-11-14 00:00:00
redhatcve
redhatcve
CVE-2018-16850
2020-04-04 05:44:50
broadcom
broadcom
cvelist
cvelist
CVE-2018-16850
2018-11-13 15:00:00
postgresql
postgresql
Vulnerability in core server (CVE-2018-16850)
2018-11-13 15:29:00
openvas
openvas
PostgreSQL < 10.6, 11.x < 11.1 SQL Injection Vulnerability - Windows
2018-11-14 00:00:00
Ubuntu: Security Advisory (USN-3818-1)
2018-11-15 00:00:00
openSUSE: Security Advisory for postgresql10 (openSUSE-SU-2018:3893-1)
2018-11-26 00:00:00
debiancve
debiancve
CVE-2018-16850
2018-11-13 15:29:00
nessus
nessus
FreeBSD : PostgreSQL -- SQL injection in pg_upgrade and pg_dump (1c27a706-e3aa-11e8-b77a-6cc21735f730)
2018-11-09 00:00:00
openSUSE Security Update : postgresql10 (openSUSE-2018-1460)
2018-11-26 00:00:00
EulerOS 2.0 SP8 : postgresql (EulerOS-SA-2019-2297)
2019-11-27 00:00:00
suse
suse
Security update for postgresql10 (moderate)
2018-11-24 18:13:02
Security update for postgresql10 (moderate)
2018-12-08 00:11:36
gentoo
gentoo
PostgreSQL: SQL injection
2018-11-30 00:00:00
ubuntucve
ubuntucve
CVE-2018-16850
2018-11-08 00:00:00
altlinux
altlinux
nvd
nvd
CVE-2018-16850
2018-11-13 15:29:00
kaspersky
kaspersky
KLA11347 SB vulnerability in PostgreSQL
2018-11-08 00:00:00
prion
prion
Sql injection
2018-11-13 15:29:00
redhat
redhat
(RHSA-2018:3757) Important: rh-postgresql10-postgresql security update
2018-12-03 07:59:42
freebsd
freebsd
PostgreSQL -- SQL injection in pg_upgrade and pg_dump
2018-11-08 00:00:00
f5
f5
K98201023 : PostgreSQL vulnerability CVE-2018-16850
2020-07-24 00:00:00
osv
osv
CVE-2018-16850
2018-11-13 15:29:00
alpinelinux
alpinelinux
CVE-2018-16850
2018-11-13 15:29:00
cve
cve
CVE-2018-16850
2018-11-13 15:29:00
photon
photon
Critical Photon OS Security Update - PHSA-2019-0010
2019-04-19 00:00:00
Critical Photon OS Security Update - PHSA-2019-3.0-0010
2019-04-19 00:00:00
ibm
ibm